OASIS Mailing List Archives

 



dss message



Subject: RE: [dss] Authentication Token


At 12:46 PM 10/27/2004 -0400, Ed Shallow wrote:
>[...]
>     I do not think that the subtle semantic difference between 
> ClaimedIdentity (now with SupportingInfo) and RequesterIdentity (always 
> had SupportingInfo) is worth distinct and separate naming.

I like your previous proposal better.  RequesterIdentity and 
ClaimedIdentity have pretty different functions:
  - RequesterIdentity goes in signature, says "this guy requested the 
signature be produced (and here's other public info about him)"
  - ClaimedIdentity goes in protocol, says "I'm requesting a signature be 
produced (and here's other data about me which proves my identity and 
proves I assent to this request)"

The supporting info has very different roles - in the 1st case, it's public 
(e.g. a certificate), in the latter case, it may be private and tied to the 
protocol request (e.g. a signature, PSTP signature, MAC, etc.).

So I think making the structures similar but not identical, like you first 
proposed, is the best approach.

Trevor 


